Breaking News
Comments
Newest First | Oldest First | Threaded View
<<   <   Page 5 / 5
Susan Rambo
User Rank
Blogger
Re: Local access does make the difference
Susan Rambo   8/7/2013 10:19:30 PM
NO RATINGS
You are probably right. We are all in more danger from badly designed code in ECUs than we are yet from car hacking.

Bert22306
User Rank
CEO
Re: Local access does make the difference
Bert22306   8/7/2013 8:47:36 PM
NO RATINGS
In short, the focus has to be on brakes, steering, and to a lesser extent, throttle. Listing a lot of other stuff just adds noise to the discussion.

The question of what will be possible or not in the future isn't the issue. The future will have to be taken care of, in due course. The question at hand now is how vulnerable vehicles are, present tense, to remote hacking into the critical system (steering, brakes, throttle, not the stereo). It goes without saying that as new capabilities are added to cars, for safety, efficiency of operation, or convenience, new attack vectors will emerge that will need to be addressed. We need not assume right now that these eventual vulnerabilities will go unaddressed.

That's the way engineering of new things has always evolved, after all. You design something new, then you do your best to debug the new gadget before putting it on the market. Unless we're to believe that engineers are unable to discover vulnerabilities, and why that would be the case I don't know, then this network connectivity is just another new aspect to debug thoroughly. And yes, things are missed from time to time, and they have to be fixed quickly when this happens.

As to telematics hacking, that's not a major safety concern, unless you show that OnStar (or other) can incapacitate the brakes, steering, or throttle. Can it? It is probably possible to shut the car down remotely (anti-theft), but fortunately cars can stop passively, without incurring a huge risk. On the other hand, whether the hacker can determine your location, or whether your engine warning light is lit, is more of a privacy issue at best. AND, any car owner can incapacitate that OnStar system. Find the access panel, probably in the trunk, and disconnect it.

Susan Rambo
User Rank
Blogger
Re: Local access does make the difference
Susan Rambo   8/7/2013 8:06:50 PM
NO RATINGS
Only a matter of time, do you think? What happens when cars become just a "thing" -- an end node -- on the Internet of Things, as this newly formed US Consortium is working toward? I bet wireless remote hacking will be possible. Researchers from the CAESS Center for Embedded Automotive Systems  (the same UofW and UCSD group mentioned in article) say "we can call our car's cellular phone number to obtain full control over the car's telematics unit over an arbitrary distance."

Bert22306
User Rank
CEO
Local access does make the difference
Bert22306   8/7/2013 7:23:08 PM
NO RATINGS
Sorry, Junko, we've been over this already. Local connection to the OBD-II port makes all the difference. Unless you encrypt any content that can go into the OBD-II port, making it essentially useless for its intended purpose, it would be pretty hard to prevent "hacking" when the "hacker" is deliberately allowed to get inside.

This OBD-II port is meant for garages to use, e.g. for troubleshooting and emissions testing. They also have access to brakes, steering, and throttle, and every other system in that car, without needing wires to cause damage.

If you do encrypt that OBD-II port, and then you give garages the private key necessary to decrypt, so they can do their work, then we're back where we are now.

Having remote wireless access to the critical functions, such as brakes, throttle, and steering, through an unencrypted interface, is what has to be shown. If that's available, then that security hole needs to be plugged. But quite honestly, this stream of articles about hacking seems to obfuscate the attack vectors, by including a lot of extraneous information.

Show me where a remote wireless device can impair the function of throttle, brakes, or steering. Leave the rest out. Then we can see if there's a problem to be fixed.

<<   <   Page 5 / 5


EE Life
Frankenstein's Fix, Teardowns, Sideshows, Design Contests, Reader Content & More
Max Maxfield

Creating a Vetinari Clock Using Antique Analog Meters
Max Maxfield
55 comments
As you may recall, the Mighty Hamster (a.k.a. Mike Field) graced my humble office with a visit a couple of weeks ago. (See All Hail the Mighty Hamster.) While he was here, Hamster noticed ...

EDN Staff

11 Summer Vacation Spots for Engineers
EDN Staff
11 comments
This collection of places from technology history, museums, and modern marvels is a roadmap for an engineering adventure that will take you around the world. Here are just a few spots ...

Glen Chenier

Engineers Solve Analog/Digital Problem, Invent Creative Expletives
Glen Chenier
11 comments
- An analog engineer and a digital engineer join forces, use their respective skills, and pull a few bunnies out of a hat to troubleshoot a system with which they are completely ...

Larry Desjardin

Engineers Should Study Finance: 5 Reasons Why
Larry Desjardin
45 comments
I'm a big proponent of engineers learning financial basics. Why? Because engineers are making decisions all the time, in multiple ways. Having a good financial understanding guides these ...

Flash Poll
Top Comments of the Week
Like Us on Facebook
EE Times on Twitter
EE Times Twitter Feed

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)